
25177 matches found

CNNVD
added 2025/12/01 12:0 a.m. | 3 views

CODESYS Control Buffer Error Vulnerability

CODESYS Control is a suite of industrial control programming software from CODESYS, Germany. CODESYS Control suffers from a buffer error vulnerability that originates from a contention that can be exploited by an unauthenticated, remote attacker to trigger an out-of-bounds read in the...

CVSS 5.9 | AI score 7 | EPSS 0.00303
Exploits 0 | References 2
Tenable Nessus
added 2025/12/01 12:0 a.m. | 2 views

Photon OS 5.0: Linux PHSA-2025-5.0-0670

An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0670. The text itself is copyright (C) VMware, Inc...

CVSS 7.8 | AI score 7.4 | EPSS 0.00161
Exploits 0 | References 2
Tenable Nessus
added 2025/12/01 12:0 a.m. | 2 views

Photon OS 4.0: Frr PHSA-2025-4.0-0915

An update of the frr package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0915. The text itself is copyright (C) VMware, Inc...

CVSS 7.5 | AI score 6.8 | EPSS 0.00582
Exploits 9 | References 10
Tenable Nessus
added 2025/12/01 12:0 a.m. | 3 views

Photon OS 4.0: Rabbitmq PHSA-2025-4.0-0915

An update of the rabbitmq package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0915. The text itself is copyright (C) VMware, Inc...

CVSS 6.1 | AI score 6.3 | EPSS 0.00203
Exploits 0 | References 2
Tenable Nessus
added 2025/12/01 12:0 a.m. | 3 views

Photon OS 5.0: Linux PHSA-2025-5.0-0691

An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0691. The text itself is copyright (C) VMware, Inc...

CVSS 7.8 | AI score 6.8 | EPSS 0.00152
Exploits 0 | References 4
Positive Technologies
added 2025/12/01 12:0 a.m. | 5 views

PT-2025-48495

Name of the Vulnerable Software and Affected Versions: Avast Antivirus versions 16.0.0 on MacOS; Avast Antivirus versions 3.0.3 on Linux. Description: A NULL pointer dereference issue exists in Avast Antivirus when scanning a malformed Windows PE file. This can cause the antivirus process to crash on...

CVSS 7.5 | AI score 6.5 | EPSS 0.00094
Exploits 0 | References 5
Positive Technologies
added 2025/12/01 12:0 a.m. | 4 views

PT-2025-48466

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

CVSS 5.3 | AI score 6.8 | EPSS 0.01453
Exploits 0 | References 3
Cvelist
added 2025/12/01 12:0 a.m. | 9 views

CVE-2024-32384

Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...

CVSS 6.8 | EPSS 0.0015
Exploits 0 | References 2
EUVD
added 2025/12/01 12:0 a.m. | 5 views

EUVD-2024-30206

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

CVSS 5.3 | AI score 6.3 | EPSS 0.01453
Exploits 0 | References 3
Tenable Nessus
added 2025/12/01 12:0 a.m. | 4 views

Photon OS 5.0: Libpng PHSA-2025-5.0-0694

An update of the libpng package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0694. The text itself is copyright (C) VMware, Inc...

CVSS 7.1 | AI score 5.7 | EPSS 0.00281
Exploits 5 | References 5
Photon
added 2025/11/30 12:0 a.m. | 4 views

Important Photon OS Security Update - PHSA-2025-5.0-0695

Updates of 'linux-esx', 'wireshark', 'linux' packages of Photon OS have been released...

CVSS 7.8 | AI score 7.1 | EPSS 0.00155
Exploits 0
OSV
added 2025/11/28 9:14 a.m. | 6 views

RLSA-2025:22005 Moderate: go-rpm-macros security update

This package provides build-stage rpm automation to simplify the creation of Go language (golang) packages. It does not need to be included in the default build root: go-srpm-macros will pull it in for Go packages only. Security Fixes: os/exec: Unexpected paths returned from LookPath in os/exec...

CVSS 6.5 | AI score 6.7 | EPSS 0.00489
Exploits 1 | References 2
CNNVD
added 2025/11/28 12:0 a.m. | 6 views

Huawei EMUI and Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is Huawei's self-developed distributed operating system, designed for cell phones, tablets, smart homes and other full-scene devices to achieve seamless cross-device collaboration. Huawei EMUI is Huawei's deeply customized mobile operating system based on Android. A privilege...

CVSS 8.4 | AI score 5.8 | EPSS 0.00084
Exploits 0 | References 2
CNVD
added 2025/11/28 12:0 a.m. | 2 views

Cisco Catalyst Center Operating System Command Injection Vulnerability

Cisco Catalyst Center (Cisco DNA Center) is a network management system from the American company Cisco. Cisco Catalyst Center (Cisco DNA Center) suffers from an operating system command injection vulnerability that stems from insufficient user input validation. An attacker could exploit this...

CVSS 8.8 | AI score 5.8 | EPSS 0.00317
Exploits 0 | References 1
RedhatCVE
added 2025/11/27 4:10 p.m. | 8 views

CVE-2025-62354

Improper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to execute commands that are outside of those specified in the allowlist, resulting in arbitrary code execution...

CVSS 9.8 | AI score 7.9 | EPSS 0.01248
Exploits 0 | References 1
VulnCheck KEV
added 2025/11/27 12:0 a.m. | 12 views

VulnCheck KEV: CVE-2025-8943

The Custom MCPs feature is designed to execute OS commands, for instance, using tools like npx to spin up local MCP Servers. However, Flowise's inherent authentication and authorization model is minimal and lacks role-based access controls (RBAC). Furthermore, in Flowise versions before 3.0.1 the...

CVSS 9.8 | AI score 5.9 | EPSS 0.70866
In wild | Exploits 3 | References 140
Photon
added 2025/11/27 12:0 a.m. | 7 views

Important Photon OS Security Update - PHSA-2025-5.0-0691

Updates of 'cifs-utils', 'linux-esx', 'linux' packages of Photon OS have been released...

CVSS 7.8 | AI score 6.8 | EPSS 0.00152
Exploits 0
CNNVD
added 2025/11/27 12:0 a.m. | 5 views

SDMC NE6037 Operating System Command Injection Vulnerability

The SDMC NE6037 is a cable modem from China's Sinodisk SDMC. An operating system command injection vulnerability exists in the SDMC NE6037 versions prior to 7.1.12.2.44, which stems from a shell command injection vulnerability in the Network Diagnostic Tool...

CVSS 9.3 | AI score 7.4 | EPSS 0.00912
Exploits 0 | References 1
NVD
added 2025/11/26 6:15 p.m. | 6 views

CVE-2025-64127

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied input. The application accepts parameters that are later incorporated into OS commands without adequate validation. This could allow an unauthenticated attacker to execute arbitrary commands remotely...

CVSS 10 | EPSS 0.02278
Exploits 0 | References 3
NVD
added 2025/11/26 6:15 p.m. | 2 views

CVE-2025-64128

An OS command injection vulnerability exists due to incomplete validation of user-supplied input. Validation fails to enforce sufficient formatting rules, which could permit attackers to append arbitrary data. This could allow an unauthenticated attacker to inject arbitrary commands...

CVSS 10 | EPSS 0.02278
Exploits 0 | References 3